hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,307 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.2
Commit Graph

11679 Commits

Author SHA1 Message Date
Asger F
e2cdf5d7ed JavaScript: add string concatenation library 2018-09-17 12:47:37 +01:00
Asger F
b20fd3c084 JS: recognize res.sendfile as alias for res.sendFile in Express 2018-09-17 11:31:10 +01:00
Esben Sparre Andreasen
bb48421d77 JS: address doc review comments 2018-09-17 11:08:35 +02:00
semmle-qlci
782e91bb97 Merge pull request #167 from bnxi/NodeIntegration 
Approved by esben-semmle
 2018-09-15 21:35:56 +01:00
Behrang Fouladi Azarnaminy
7071c75567 revert "Chaning EOL in two files" 
This reverts commit ecd08d4560.
 2018-09-14 09:03:48 -07:00
Esben Sparre Andreasen
444a09a17c JS: add models of five file system libraries 2018-09-14 15:30:44 +02:00
Esben Sparre Andreasen
33f98dd1a7 JS: add query: js/stored-xss 2018-09-14 15:30:44 +02:00
Asger F
a3562aa4a7 Merge pull request #193 from esben-semmle/js/reduce-precision-of-remote-property-injection 
JS: lower @precision of js/remote-property-injection
 2018-09-14 11:14:13 +01:00
Esben Sparre Andreasen
e2fac8a03c JS: introduce concept: FileNameSource 2018-09-14 11:09:29 +02:00
Esben Sparre Andreasen
6d3c1a1d22 JS: introduce fsModuleMember 2018-09-14 11:09:29 +02:00
Esben Sparre Andreasen
8de269e1fb JS: add support for fs-extra in NodeJSFileSystemAccess 2018-09-14 11:09:29 +02:00
semmle-qlci
abbadf24f0 Merge pull request #192 from esben-semmle/js/additional-array-taint-steps 
Approved by asger-semmle
 2018-09-14 10:02:36 +01:00
Esben Sparre Andreasen
81aeda69e1 JS: lower @precision of js/remote-property-injection 2018-09-14 07:37:47 +02:00
semmle-qlci
961ecfb43f Merge pull request #187 from esben-semmle/js/additional-whitelisting-form-unbound-event-handlers 
Approved by asger-semmle
 2018-09-14 06:35:39 +01:00
Esben Sparre Andreasen
4c13e6b46b JS: add additional array-specific taint steps 2018-09-13 21:36:53 +02:00
Jonas Jensen
9886e4a056 Merge remote-tracking branch 'upstream/master' into merge-master-next-20180913 2018-09-13 20:28:17 +02:00
Esben Sparre Andreasen
763da72ce5 JS: modernize old array taint steps 2018-09-13 15:52:25 +02:00
Esben Sparre Andreasen
ea37665ec6 JS: move array-specific taint steps to separate class 2018-09-13 15:52:25 +02:00
semmle-qlci
3d022298dc Merge pull request #186 from Semmle/rc/1.18 
Approved by esben-semmle
 2018-09-13 12:34:54 +01:00
Esben Sparre Andreasen
fcc33ce93d JS: whitelist auto-bind methods in js/unbound-event-handler-receiver 2018-09-13 08:41:41 +02:00
Esben Sparre Andreasen
eb10f603ab JS: whitelist decorator-bound methods in js/unbound-event-handler-receiver 2018-09-13 08:41:41 +02:00
Esben Sparre Andreasen
1220b50737 JS: whitelist _.bindAll-methods in js/unbound-event-handler-receiver 2018-09-13 08:41:41 +02:00
Behrang Fouladi Azarnaminy
ecd08d4560 Chaning EOL in two files 2018-09-12 12:05:57 -07:00
Aditya Sharad
767045b55d Merge rc/1.18 into next. 2018-09-12 14:59:54 +01:00
semmle-qlci
9e0ba51280 Merge pull request #179 from esben-semmle/js/classify-multi-license-fix 
Approved by asger-semmle
 2018-09-11 21:30:10 +01:00
Behrang Fouladi Azarnaminy
fc087ffb71 Replaceing query and test files with suggested ones 2018-09-11 12:32:56 -07:00
Behrang Fouladi Azarnaminy
befca6cafa Remove webview example and its reference in qlhelp file 2018-09-11 12:31:00 -07:00
semmle-qlci
b17aeb689c Merge pull request #118 from esben-semmle/js/request-forgery 
Approved by asger-semmle
 2018-09-11 16:28:59 +01:00
Esben Sparre Andreasen
43c65e02ec JS: classify bundle files based on multiple license comments 2018-09-11 15:40:24 +02:00
Asger F
0a4a5da1f0 JavaScript: update output of CFG test 2018-09-11 12:15:01 +01:00
Asger F
3d444f3dc6 JavaScript: fix CFG for EnhancedForStmt 2018-09-11 12:15:01 +01:00
Tom Hvitved
70e713122f Merge branch 'rc/1.18' into merge-rc 2018-09-11 09:11:03 +02:00
Behrang Fouladi Azarnaminy
02047ea260 Edit .expected file 2018-09-10 10:27:29 -07:00
Esben Sparre Andreasen
aaf1ac770d JS: reduce declared precision of js/request-forgery 2018-09-09 21:30:43 +02:00
Behrang Fouladi
43a9d511c2 Update EnablingNodeIntegration.qhelp 2018-09-07 14:58:24 -07:00
Behrang Fouladi
302e271a79 Update EnablingNodeIntegration.expected 
Change EOL to unix format
 2018-09-07 09:52:52 -07:00
Behrang Fouladi Azarnaminy
bd92cd14c5 Changing EOL in all files to unix format 2018-09-07 09:47:15 -07:00
Behrang Fouladi Azarnaminy
ebbd3b3111 Adding html encoding to EnablingNodeIntegration.qhelp 2018-09-07 08:47:35 -07:00
Esben Sparre Andreasen
3d3b7b0254 JS: fix typo in test case 2018-09-06 22:54:07 +02:00
Behrang Fouladi Azarnaminy
9179701248 JavaScript: Add query for Node.js integration in Electron framework 2018-09-06 11:38:08 -07:00
semmle-qlci
62e9946fe2 Merge pull request #150 from asger-semmle/ts-asi-bug 
Approved by xiemaisi
 2018-09-05 21:22:29 +01:00
Jonas Jensen
d5e0357201 Revert "Revert "Version: Bump to 1.19.0 dev."" 
This reverts commit ab2bec743a.
 2018-09-05 21:07:19 +02:00
Aditya Sharad
f27945216f Merge rc/1.18 into master. 2018-09-05 15:32:30 +01:00
semmle-qlci
5fcd663e9f Merge pull request #158 from esben-semmle/js/sharpen-regexp-injection 
Approved by xiemaisi
 2018-09-05 12:45:59 +01:00
Esben Sparre Andreasen
f63a3b3f39 JS: add missing abstract modifier 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
6e1846b1ca JS: address doc review comments 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
89887e7dc8 JS: address review comments 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
2306afdebf JS: use extensible architecture for Electron- and NodeClientRequest 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
2dd8e95a51 JS: remove unused getOptions method 2018-09-05 09:20:45 +02:00
Esben Sparre Andreasen
d578c7422d JS: docstring cleanup 2018-09-05 09:20:45 +02:00